package com.usian.security.expression;

import cn.hutool.core.util.StrUtil;
import com.usian.security.entity.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

@Component("customExpression")
public class CustomSecurityExpressionRoot {
    public final boolean hasAuthority(String per){
//        从redis获取用户权限  或者SecurityContextHandler中获取
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser=(LoginUser)authentication.getPrincipal();
        List<String> permissions=loginUser.getPermissions();
        for (String permission : permissions) {
            if (StrUtil.contains(permission,per)){
                return true;
            }
        }
        return false;
    }
}
